CVE-2025-14250

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVE-2025-14250

The CVE-2025-14250 entry corresponds to code-projects Online Ordering System 1.0 where the vulnerability originates in the /user_contact.php file, in the Name parameter. Multiple connected sources (CNVD-2026-00521, RH/CVE-2025-14250, CNNVD-202512-957, EUVD-2025-201729, NVD, CVELIST) describe a SQ...

CVE-2025-63453

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php...

CVE-2025-63453

Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php...

CVE-2025-12224

A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...

EUVD-2025-36075

A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...

CVE-2025-12224 Iqbolshoh php-business-website contact.php cross site scripting

A flaw has been found in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. The attack may be initiated remotely. The exploit h...

CVE-2025-12224

The CVE concerns Iqbolshoh php-business-website (up to version 10677743a8dfc281f85291a27cf63a0bce043c24). The vulnerability is in admin/contact.php where manipulation of the twitter parameter enables cross-site scripting. The attack can be initiated remotely, and exploits have been published. Pro...

CVE-2025-56215

phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the pagetitle parameter...

CVE-2025-56215

phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the pagetitle parameter...

CVE-2025-6126 PHPGurukul Rail Pass Management System contact.php cross site scripting

A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /contact.php. The manipulation of the argument Name leads to cross site scripting. The attack can be launched...

PHPGurukul Old Age Home Management System 安全漏洞

PHPGurukul Old Age Home Management System is a nursing home management system from PHPGurukul. A security vulnerability exists in PHPGurukul Old Age Home Management System version 1.0, which is caused by a SQL injection due to incorrect manipulation of the parameter fname in the file /contact.php...

CVE-2024-13007

A vulnerability, which was classified as critical, was found in Codezips Event Management System 1.0. Affected is an unknown function of the file /contact.php. The manipulation of the argument title leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2020-24223

Mara CMS 7.5 allows cross-site scripting XSS in contact.php via the theme or pagetheme parameters...

VulnCheck KEV: CVE-2010-2099

bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that could contain the php bbcode tag, which allows remote attackers to execute arbitrary PHP code, as demonstrated using the toEmail method in contact.php, related to invocations of the toHTML method...